- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS,
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION.

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication.

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) [X] Responsive to communication(s) filed on 17 December 2007.
2a) [X] This action is FINAL. 2b) [ ] This action is non-final.

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) [X] Claim(s) 1-12 is/are pending in the application.

4a) Of the above claim(s) is/are withdrawn from consideration.

5) [X] Claim(s) 4 is/are allowed.

6) [X] Claim(s) 1-3 and 5-12 is/are rejected.

7) [ ] Claim(s) is/are objected to.

8) [ ] Claim(s) are subject to restriction and/or election requirement.

Application Papers 

9) [ ] The specification is objected to by the Examiner.

10) [ ] The drawing(s) filed on is/are: a) [ ] accepted or b) [ ] objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119 

12) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a) [ ] All b) [ ] Some * c) [X] None of:

1. [ ] Certified copies of the priority documents have been received.

2. [ ] Certified copies of the priority documents have been received in Application No. .

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) [ ] Notice of References Cited (PTO-892)
2) [ ] Notice of Draftsperson's Patent Drawing Review (PTO-948)
3) [ ] Information Disclosure Statement(s) (PTO/SB/08), Paper No(s)/Mail Date .
4) [ ] Interview Summary (PTO-413), Paper No(s)/Mail Date .
5) [ ] Notice of Informal Patent Application
6) [ ] Other: .
DETAILED ACTION

1. Applicant's amendment received on 12/17/07 has been entered, and the new drawings
submitted on 12/17/07 have been accepted.



Response to Amendment 

2. As advised by applicant, the examiner found the mailing address for the inventor
included in the Application Data Sheet filed with the application on March 17, 2004.
As a result, the objection to the Oath/Declaration is withdrawn.

3. In light of the amendments, the 35 U.S.C. § 112 second paragraph rejection is
withdrawn.

4. Applicant argues that audit databases on servers (e.g. key servers and resource
servers) are not well known but does not offer any arguments to the contrary. The
examiner points to the Smith reference cited in and submitted with the previous Office
Action. As per the additional limitation argued by applicant, referring to comparing
events of a resource server audit database and a key server audit database, the
examiner points to paragraph 6 of the previous Office Action.

Additionally, applicant argues that the Certification Revocation List is not the same
as a key server audit database. However, once again, applicant failed to provide
any arguments to the contrary and, as a result, the arguments are found not
persuasive.



5. Claims 1-12 have been examined. 
The text of those sections of Title 35, U.S. Code not included in this action can be
found in a prior Office Action. 

Claim Rejections - 35 USC § 103 

6. Claims 1-3 and 5-12 remain rejected under 35 U.S.C. 103(a) as being unpatentable
over Feghhi et al. (Jalal Feghhi, Jalil Feghhi, Peter Williams, "Digital Certificates:
Applied Internet Security", 1999, ISBN: 0201309807).

Feghhi discloses a resource server (IIS server) that provides access to resources
to authorized users (introduction in "Secure Web Communications-Client
Authentication", pg. 323, and details disclosed in "Enabling SSL Client
Authentication" and "Mapping Client Certificates to User Accounts", pg. 331-333),
wherein authorization of a user is determined, at least in part, by the user's
possession of a secret key (certificates include secret keys, see pg. 66-68, for
example), and a key server that provides access to a secret key by an authorized user
("Getting a Client Certificate from a CA", pg. 326-327).

7. Although Feghhi discloses a key server audit database (e.g. "Certificate Revocation
Lists (CRLs)", pg. 74), Feghhi does not disclose a resource server audit database,
and a usage analyzer that analyzes the key server audit database and the resource
server audit database to compare events therein.

However, the use of an audit database on resource servers is well known in the art of
computer security (e.g. Smith) and it would have been obvious to one of ordinary
skill in the art at the time of applicant's invention to implement an audit database on
resource servers given the benefit of increased security.

Also, comparing suspicious events in the resource server audit database with the 
key server audit database would have been obvious to an ordinary artisan in the art 
of computer security, given the benefit of security (the key server audit database 
provides additional security information regarding the secret keys, in particular 
whether the keys are valid, see "Certificate Revocation Lists (CRLs)", pg. 74-76). 

8. As per claims 2 and 3, even though it is clear that the key server disclosed by
Feghhi is an application server (CA server) and the resource server is a transaction
server (IIS server), the examiner points out that the limitations as cited attempt to
simply limit the limitation by providing a specific name to particular components.
However, a particular naming of the components would not affect the functionality of
Feghhi's invention.

9. As per claims 5-9, the limitations are obvious variations of security policies well known
in the art (secure events are time and frequency sensitive (Kerberos, Windows Log
in etc.), access restriction limitation based on source/destination address (e.g.,
commonly implemented in firewalls)). Thus implementing the particular security
features recited in claims 5-9 would have been an obvious variation well known in
the art. One would have been motivated to use them especially in light of the
benefits of these security features as evidenced by their commercial success.

10. As per claim 10, the examiner points out that there are inherently two obvious
choices of performing any actions, in real-time and not in real-time, wherein each
option is an obvious variation of another. Furthermore, real-time responses are
well known in the art of computer science and it would have been obvious to one of
ordinary skill in the art at the time of applicant's invention to analyze and compare
audit database records in real-time given the benefit of computer efficiency (note that
most of the logs are created in real-time).

11. The limitations of claim 11 are implicit: any security violation would trigger
disablement of an access that is based on the secret key.

12. As per claim 12, any comparison of logs discussed above must involve two 
computers and the examiner points out that the placement of a usage analyzer (on 
the key server or key client) would have been an obvious variation not affecting 
functionality of Feghhi's invention. Additionally, the examiner points out that a client
(e.g. a resource server) requesting a server (a key server) to process data (validate 
the secret key) is a standard feature in the client/server environment. 

Conclusion 

Claim 4 overcame the art of record. 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time
policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Peter Poltorak whose telephone number is (571) 272-3840.
The examiner can normally be reached Monday through Thursday from 9:00
a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Kambiz Zand, can be reached on (571) 272-3811. The fax phone number
for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published
applications may be obtained from either Private PAIR or Public PAIR. Status
information for unpublished applications is available through Private PAIR only. For
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you
have questions on access to the Private PAIR system, contact the Electronic Business
Center (EBC) at 866-217-9197 (toll-free).





